Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/logging-api-requests

logging-api-requests

SKILL.md

Logging API Requests

Overview

Implement structured API request logging with correlation IDs, performance timing, security audit trails, and PII redaction. Capture request/response metadata in JSON format suitable for aggregation in ELK Stack, Loki, or CloudWatch Logs, enabling debugging, performance analysis, and compliance auditing across distributed services.

Prerequisites

  • Structured logging library: Pino or Winston (Node.js), structlog (Python), Logback with JSON encoder (Java)
  • Log aggregation system: ELK Stack (Elasticsearch, Logstash, Kibana), Grafana Loki, or CloudWatch Logs
  • Correlation ID propagation mechanism (middleware-injected or from incoming X-Request-ID header)
  • PII data classification for the API domain (which fields contain personal data requiring redaction)
  • Log retention and rotation policy defined per compliance requirements

Instructions

  1. Examine existing logging configuration using Grep and Read to identify current log format, output destinations, and any structured logging already in place.
  2. Implement request logging middleware that captures: timestamp (ISO 8601), correlation ID, HTTP method, URL path (without query string PII), status code, response time (ms), request size, response size, and client IP.
  3. Generate a unique correlation ID (X-Request-ID) for each request if not provided by the caller, and propagate it to all downstream service calls and log entries within the request scope.
  4. Add PII redaction rules that mask sensitive fields (passwords, tokens, SSNs, email addresses) in logged request/response bodies using configurable field-path patterns.
  5. Implement log levels per context: info for successful requests, warn for 4xx client errors, error for 5xx server errors with stack traces, and debug for request/response bodies (development only).
  6. Configure response body logging for error responses only (4xx/5xx), capturing the error payload for debugging while skipping successful response bodies to reduce log volume.
  7. Add security audit logging for sensitive operations: authentication attempts, permission changes, data exports, and admin actions, tagged with audit: true for separate indexing.
  8. Set up log rotation and retention policies: 30 days for application logs, 90 days for audit logs, with automatic compression of logs older than 7 days.
  9. Write tests verifying that PII redaction works correctly, correlation IDs propagate through nested calls, and log output matches expected JSON structure.

See ${CLAUDE_SKILL_DIR}/references/implementation.md for the full implementation guide.

Output

  • ${CLAUDE_SKILL_DIR}/src/middleware/request-logger.js - Structured request/response logging middleware
  • ${CLAUDE_SKILL_DIR}/src/middleware/correlation-id.js - Correlation ID generation and propagation
  • ${CLAUDE_SKILL_DIR}/src/utils/pii-redactor.js - Field-level PII redaction with configurable patterns
  • ${CLAUDE_SKILL_DIR}/src/utils/audit-logger.js - Security audit event logger for sensitive operations
  • ${CLAUDE_SKILL_DIR}/src/config/logging.js - Log level, format, and output destination configuration
  • ${CLAUDE_SKILL_DIR}/tests/logging/ - Logging middleware tests including PII redaction verification

Error Handling

Error Cause Solution
Log volume overwhelming storage High-traffic endpoint logging full request/response bodies Log bodies only for errors; sample successful request bodies at configurable rate (1%)
PII leak in logs New field added to API response containing personal data not covered by redaction rules Maintain allowlist of loggable fields rather than blocklist; audit log output regularly
Correlation ID missing Upstream service does not propagate X-Request-ID header Generate new correlation ID when header is absent; log warning about missing upstream propagation
Log parsing failure Log message contains unescaped characters breaking JSON structure Use structured logging library that handles serialization; never concatenate user input into log strings
Audit log gap Async logging dropped events during high-load period Use synchronous logging for audit events; implement write-ahead buffer for audit trail completeness

Refer to ${CLAUDE_SKILL_DIR}/references/errors.md for comprehensive error patterns.

Examples

Structured JSON log entry: {"timestamp":"2026-03-10T14:30:00Z","correlationId":"abc-123","method":"POST","path":"/api/users","status":201,"durationMs":45,"userId":"usr_456","audit":false} -- every field queryable in log aggregation.

Distributed tracing correlation: Propagate X-Request-ID from API gateway through 3 microservices, enabling a single Kibana query to show the complete request lifecycle across all services.

Compliance audit trail: Tag all data modification operations (POST, PUT, DELETE) with audit: true, capturing the authenticated user, modified resource ID, and change summary for SOC 2 compliance evidence.

See ${CLAUDE_SKILL_DIR}/references/examples.md for additional examples.

Resources

Weekly Installs
17
Repository
jeremylongshore…s-skills
GitHub Stars
1.6K
First Seen
Feb 16, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
codex17
mcpjam16
claude-code16
junie16
windsurf16
zencoder16